Mybb Merge System 1.8.7 ACP Obtain Information Vulnerability

Summary

Mybb Merge System is prone to a gain information vulnerability.This allows local or remote attackers to gain privileges via a malicious program in the affected application.

Credit:

The information has been provided by patryk.
The original article can be found at: http://www.securityfocus.com/bid/94396


Details

Vulnerable Systems:
 * Mybb Merge System 1.8.7
 * Mybb 1.8.7

MyBB (aka MyBulletinBoard) before 1.8.8 on Windows and MyBB Merge System before 1.8.8 on Windows might allow remote attackers to obtain sensitive information from ACP backups via vectors involving a short name.

CVE Information:
CVE-2016-9418

Disclosure Timeline:
Publish Date : 2017-01-31
Last Update Date : 2017-02-05

Categories: News